Ransomware detection and mitigation using software-defined networking: The case of WannaCry. (June 2019)
- Record Type:
- Journal Article
- Title:
- Ransomware detection and mitigation using software-defined networking: The case of WannaCry. (June 2019)
- Main Title:
- Ransomware detection and mitigation using software-defined networking: The case of WannaCry
- Authors:
- Akbanov, Maxat
Vassilakis, Vassilios G.
Logothetis, Michael D.
- Abstract:
- Modern-day ransomware families implement sophisticated encryption and propagation schemes, thus limiting chances to recover the data almost to zero. We investigate the use of software-defined networking (SDN) to detect and mitigate advanced ransomware threats. We present our ransomware analysis results and our developed SDN-based security framework. For the proof of concept, the infamous WannaCry ransomware was used. Based on the obtained results, we design an SDN detection and mitigation framework and develop a solution based on OpenFlow. The developed solution detects suspicious activities through network traffic monitoring and blocks infected hosts by adding flow table entries into OpenFlow switches in a real-time manner. Finally, our experiments with multiple samples of WannaCry show that the developed mechanism in all cases is able to promptly detect the infected machines and prevent WannaCry from spreading.
- Is Part Of:
- Computers & electrical engineering. Volume 76(2019)
- Journal:
- Computers & electrical engineering
- Issue:
- Volume 76(2019)
- Issue Display:
- Volume 76, Issue 2019 (2019)
- Year:
- 2019
- Volume:
- 76
- Issue:
- 2019
- Issue Sort Value:
- 2019-0076-2019-0000
- Page Start:
- 111
- Page End:
- 121
- Publication Date:
- 2019-06
- Subjects:
- WannaCry -- Ransomware -- Software-defined networking -- OpenFlow -- Malware analysis
Computer engineering -- Periodicals
Electrical engineering -- Periodicals
Electrical engineering -- Data processing -- Periodicals
Ordinateurs -- Conception et construction -- Périodiques
Électrotechnique -- Périodiques
Électrotechnique -- Informatique -- Périodiques
Computer engineering
Electrical engineering
Electrical engineering -- Data processing
Periodicals
Electronic journals
621.302854
- Journal URLs:
- http://www.sciencedirect.com/science/journal/00457906/
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.compeleceng.2019.03.012
- Languages:
- English
- ISSNs:
- 0045-7906
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.680000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 10384.xml